parallel-cli
Fail
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: Instruction to execute a remote shell script by piping the output of
curldirectly tobash(curl -fsSL https://parallel.ai/install.sh | bash). This practice permits unverified code to run with the user's current privileges. - [EXTERNAL_DOWNLOADS]: Recommends downloading software and dependencies from third-party sources including
parallel.ai, NPM, PyPI, and Homebrew repositories. - [COMMAND_EXECUTION]: Operates through a series of command-line interface calls (
parallel-cli) that perform networking, file management, and authentication tasks. - [DATA_EXFILTRATION]: Transmits user-provided search queries and data to the
parallel.aiexternal service for processing and synthesis. - [PROMPT_INJECTION]: Potential surface for indirect prompt injection when handling untrusted data from the web.
- Ingestion points: External content is retrieved using
search,extract, andresearchcommands from arbitrary web sources (SKILL.md). - Boundary markers: Absent. The skill lacks instructions for using delimiters or protective prompts when the agent processes extracted text.
- Capability inventory: The skill has the ability to execute shell commands and write to temporary files (SKILL.md).
- Sanitization: No evidence of content filtering, escaping, or validation before processing external content (SKILL.md).
Recommendations
- HIGH: Downloads and executes remote code from: https://parallel.ai/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata